FTP/TLS Access Via PIX 7.2

Discussion in 'Cisco' started by darrenfgreen@tiscali.co.uk, Jul 10, 2012.

  1. Guest

    I've been surfing around to try and work out how to configure a PIX to support FTP/TLS access from an Internet user to a server behind my PIX.

    I can't see any examples of how to configure this but a few posts suggests that the PIX / ASA doesn't support this feature. I understand that the control connection is encrypted resulting in the PIX not been able to see the Data / PASV reply.

    The FTP client is Filezilla.

    Any help in debugging or solving this would be appreciated.

    Regards

    Darren
    , Jul 10, 2012
    #1
    1. Advertising

  2. alex Guest

    wrote:

    > I've been surfing around to try and work out how to configure a PIX to support FTP/TLS access from an Internet user to a server behind my PIX.
    > I can't see any examples of how to configure this but a few posts suggests that the PIX / ASA doesn't support this feature. I understand that the control connection is encrypted resulting in the PIX not been able to see the Data / PASV reply.
    > The FTP client is Filezilla.
    > Any help in debugging or solving this would be appreciated.


    Either you open the full range of ports towards the FTP/TLS server (and
    then you have a 1:1 NAT towards that server since you cannot predict in
    advance which port will be used for the data connection ) or yes the PIX
    won't open the hole for the data connection unless it proxies the TLS
    connection but afaik that's done only for the IP phones.

    HTH Ale
    alex, Jul 10, 2012
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. yar
    Replies:
    4
    Views:
    1,618
    Juan Carlos \(El fortinero\)
    Sep 21, 2004
  2. =?Utf-8?B?SmF5?=

    Type of Wireless Access Point needed with EAP-TLS

    =?Utf-8?B?SmF5?=, Mar 30, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    707
    =?Utf-8?B?SmF5?=
    Apr 1, 2005
  3. Bill F
    Replies:
    1
    Views:
    425
    Walter Roberson
    Nov 25, 2003
  4. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    790
    Vanguard
    Mar 15, 2007
  5. Replies:
    1
    Views:
    410
    Lutz Donnerhacke
    Sep 13, 2007
Loading...

Share This Page